⊿ Point. {R} Glossary. ◢ Keyword: S. ▰ Sources. 〓 Books [B] ◥ University. {q} PhD. ⏫ THEMES. ⏫ Big Data. [B] Big Data. ⚫ USA. ↂ EndNote. ☝️ BD Dummies. Security Assertion Markup Language. Technical standard for authentication and authorization A set of XML-based protocol messagesA set of protocol message bindingsA set of profiles (utilizing all of the above) An important use case that SAML addresses is web-browser single sign-on (SSO). Single sign-on is relatively easy to accomplish within a security domain (using cookies, for example) but extending SSO across security domains is more difficult and resulted in the proliferation of non-interoperable proprietary technologies. The SAML Web Browser SSO profile was specified and standardized to promote interoperability.[2] In practice, SAML SSO is most commonly used for authentication into cloud-based business software.[3] At the heart of the SAML assertion is a subject (a principal within the context of a particular security domain) about which something is being asserted.
The subject is usually (but not necessarily) a human. SAML does not specify the method of authentication at the identity provider. <saml:Assertion ... > ..